Cyber Security Industry Alliance Newsletter •  Volume 2, Number 8 • April 2006

Upcoming Events

April

April
20

Compliance 2.0: The Next Steps for Security Leadership
TechTarget / CSIA Compliance Seminar

New York, NY

The need to build an effective compliance policy remains an essential element to achieve a successful, holistic security strategy (and to avoid costly mistakes or eventual penalties). Heres your chance to lay the groundwork for a successful policy, to find out how your current compliance initiatives stack up, and how to make continuous process improvements. Gain complimentary admission for Compliance 2.0: The Next Steps for Security Leadership, a complimentary 1-day seminar developed in partnership with the Cyber Security Industry Alliance (CSIA) and Information Security magazine.

April
20-22

The First International Conference on Availability, Reliability and Security (ARES 2006)
Vienna, Austria

Speakers include: Dr Louis Marinos, ENISA Security Competence Department, Risk Management; Prof. David Basin, Information Security, Department of Computer Science, ETH Zurich, Switzerland; Prof. Andrew Steane, Centre for Quantum Computation, University of Oxford, UK.

April
24-28

Cyber Security Training Conference
Dayton, Ohio

The 28th Department of Energy (DOE) Cyber Security Group (CSG) Training Conference focuses on the protection of unclassified controlled (sensitive) and classified information, which is crucial as the mission of the Department evolves and the requirements of numerous Federal regulations and Departmental Directives are implemented. The conference provides a training-based forum for DOE Federal and contractor employees to learn from DOE and industry experts and exchange cyber security information and new technologies.

April
25
9:00-11:00 AM

Small Business Town Hall
St. Louis RCGA—Regional Collaboration Center
St. Louis, MO

Congressman Todd Akin (R-MO), Chairman of the Subcommittee on Regulatory Reform and Oversight of the House Small Business Committee, will host a Congressional Town Hall discussion on Tuesday, April 25 in St. Louis, MO. This Town Hall will focus on owners of small businesses and how they can protect their businesses from financial loss due to due computer fraud in today’s growing cyber economy. Representatives from CSIA member firms McAfee and RSA Security will participate on the panel, and they will be joined by Ron Teixeira, Executive Director of the National Cyber Security Alliance (NCSA), and Special Agent Jim Thompson of the Federal Bureau of Investigation (FBI). Providing a local perspective for the St. Louis audience will be The Newberry Group and CSIA member firm TechGuard.

To RSVP, or for more details, email or phone Jillian Steinbrenner at (314) 590-0029.

April
25
1:00 PM EDT

WEBCAST: Federal and State Legislation Update

Identity theft has become the number one consumer complaint to the Federal Trade Commission. Last year, there were over 100 breaches resulting in over 53 million individuals being exposed to identity theft. States and Congress are now under increasing pressure from consumer organizations to pass laws to protect consumers from identity theft.

Learn about the existing and upcoming data privacy and security legislation. The session will give you a better understanding of the 22 State Privacy and Data Security Laws, what are the similarities and what do you need to do to comply. This webcast will also provide on update on Federal Privacy Law, the bills that are active in both the House and Senate Committees, and how they will affect your business. This Webcast will provide valuable insight that will help your organization prepare for the regulations.

Executive Panel: Joseph Ansanelli, CEO and Chairman, Vontu; Paul Kurtz, Executive Director, CSIA; Tess Koleczek, Chief Privacy Officer, E-LOAN

April
25-27

GovSec U.S. Law! Ready!
Washington, DC

The GovSec, U.S. Law and Ready! Conference and Exposition provides you with an unrivaled opportunity to collaborate across departments and jurisdictions — federal, state and local — to give you a complete picture of the integrated, leading-edge strategies that comprise today’s homeland security plans and practices. All this, plus you’ll explore, test and learn about the cutting-edge tools and solutions you need to meet the challenges and demands you face while protecting our nation’s citizens, infrastructure and critical assets against all hazards.

April  27
8:45am – 10:15am

CSIA Special Session at GovSec:
Emerging Threats to IT Security

Join these industry giants to gain insight into the threats against the next generation of IT systems. See what resiliencies your system must contain to fend off potential threats arising from new scientific and technological advances and terrorist use of existing capabilities in new, unexpected ways.

Speakers: Paul Kurtz, Executive Director, Cyber Security Industry Alliance;

Thomas Leighton, Ph.D., Chairman, President’s Information Technology Advisory Committee, Professor of Applied Mathematics, MIT, and Chief Scientist, Akamai Technologies

April 27
noon - 2:00pm

CSIA Special Section at GovSec:
A View from the Hill


Paul Kurtz, Executive Director, Cyber Security Industry Alliance, will moderate a panel discussion with Congressional Staff as they provide a "View from the Hill" on leading security issues and legislation. The discussion will be followed by a Q&A session.

April 30 -
May 4

GFIRST: A Nation Working Together to Secure Cyberspace
Orlando, FL

The focus of the second annual Government Forum of Incident Responders and Security Teams (GFIRST) conference is to identify and improve information gathering and dissemination techniques, demonstrate proven information exchange methodologies, and provide superior training to incident responders, CISOs, and others important players in the cyber security field. The conference is expected to attract more than 500 GFIRST members, cyber incident responders, Chief Information Security Officers, cyber security vendors, law enforcement personnel supporting cyber security issues.

May

May
11

SANS Security 2006
San Diego, CA

SANS Security 2006 boasts fourteen courses designed to keep up with today's changing IT environments, delivering the skills needed for effective management, information security and audit professionals. Tracks include: Security & Audit Framework; Auditing Networks, Perimeters and Systems; SANS Security Leadership Essentials SANS Security Essentials Bootcamp Style; Assessing and Securing Wireless Networks and more.

May
22-24

21st IFIP International Information Security Conference "Security and Privacy in Dynamic Environments"
Karlstad, Sweden

IFIP/SEC 2006 is organized by IFIP TC-11 (Technical Committee on Security & Protection in Information Processing Systems) in cooperation with Karlstad University. Program includes presentations by Andrea Pirotti, Executive Director of ENISA, "ENISA's Contribution to the development of Network and Information Security within the Community"; Stewart Kowalski, Ericsson Research, Sweden, "Jumping the Chasm by Minding the Gap: Co-producing a Secure All Communicating World"; and Henrik Kaspersen, Computer Law Institute, Vrije Universiteit Amsterdam, "Data retention, unfortunate incident or intended erosion of privacy?"

May
23-24

Platts 4th Annual Cyber Security for Utilities
Houston, TX

Attend Platts 4th Annual Cyber Security for Utilities conference, to gain insight from security experts about compliance standards, SCADA risks and solutions, and integration of cyber and physical security.

June

June
4-7

8th Annual International Techno Security Conference
Mytle Beach, SC

Techno has become known as a world class training and networking event now having had attendees register from 40 different countries. We will continue to offer a considerable number of forensics based training sessions and labs which have been a major part of Techno Security since our first conference in 1999.

June
5-7

Gartner 12th Annual IT Security Summit 2006
Washington, DC

Is IT security at a tipping point? This conference explores solutions in technologies, methodologies, products and services. At this conference, you will learn about evaluating emerging technologies and future trends in information security, building the business case for your IT security budget and investments, meeting the challenges of compliance and privacy in the global marketplace, the latest take on the security vendors and products you can trust, what works and what doesn't.

June
5-8

The CIO Decisions Conference
Carlsbad, CA

Back for its third year straight and under the award-winning, editorial direction of Maryfran Johnson, the CIO Decisions Conference will present a blend of practical insights, innovative strategies and industry best practices – all tailored specifically to the needs of the midmarket CIO. With interactive sessions on issues ranging from IT portfolio management to disaster recovery to contract negotiations to staffing and sourcing dilemmas, the CIO Decisions Conference boasts a conference agenda like no other.

June
14-15

2006 NYS Cyber Security Conference
Albany, NY

The 2006 NYS Cyber Security Conference is the premier cyber security event in New York State. The Conference, cosponsored by the NYS Forum, Rockefeller Institute of Government, the NYS Office of Cyber Security and Critical Infrastructure Coordination (CSCIC) and the NYS Center for Information Forensics and Assurance at the University at Albany (CIFA), brings state and local government cyber security-related professionals, along with their private and nonprofit counterparts, together for two days.

June
15-16

eema Annual Conference 2006: Enabling Business through Identity
Barcelona, Spain

Open to eema members and non-members the conference is an invaluable event for anyone whose remit is identity-based management or compliance - from a technical, legal or business perspective. Over two days the conference will cover seven key subject areas, through presentations, panel discussions, interactive debate and round tables.

June
19-21

Infosecurity Canada Conference & Exhibition
Toronto, Ontario

Infosecurity Canada Conference & Exhibition focuses on the sharing of information critical to a more secure and compliant information infrastructure. Infosecurity Canada Conference & Exhibition is the ideal forum for all information asset stakeholders, security experts and practitioners to exchange real-world concerns and solutions, and learn about the most current best practices, policies, procedures and products.

June
25-30

18th Annual FIRST Conference
Baltimore, MD

The annual FIRST Conference focuses on computer security incident handling and other incident response issues. The presentations are international in scope and include the latest in incident response and prevention, vulnerability analysis, and related aspects of computer security. Additionally, these events serve as the foundation for the improvement of computer security worldwide via the sharing of viewpoints, ideas, and information.

August

August
30-31

Bellua Cyber Security Asia 2006
2nd Annual Information Security & Hacking Conference

Jakarta, Indonesia

The Bellua Cyber Security Asia 2006 Conference will bring together in Indonesia internationally recognized experts in the security community as well as leading members of the local Indonesian technology and security industry. The main goal of the event is to increase security awareness and facilitate information sharing within the public, corporate, and government sectors. More than forty speakers from Asia, Europe and the Americas are expected to join Bellua Cyber Security Asia 2006 to discuss present and future information security issues through an intensive series of workshops, presentations, demonstrations and technical sessions. The conference talks will be spread across 2 concurrent tracks focusing on both business and technical aspects of information security.

August 30 -
September 2

ISC 2006: 9th Information Security Conference
Samos Island, Greece

ISC is an annual international conference covering research in and applications of Information Security. It was first initiated as a workshop (ISW) in Japan in 1997, ISW 1999 in Malaysia, ISW 2000 in Australia and then changed to the current name ISC when it was held in Spain in 2001 (ISC'01). This year ISC'06 will be held in Samos Island, Greece. Continuing its past success, ISC aims to attract high quality papers in all technical aspects of information security.

September

September
12-14

Infosecurity New York
New York, New York

Infosecurity is a global event designed for business leaders and security professionals who develop the strategies and policies essential to a more secure and compliant information infrastructure.

October

October
18-20

Information Security Decisions
Chicago, Illinois

Information Security Decisions arms you with the expert advice it takes to tackle today’s mission-critical security objectives — no matter how rampant user ignorance or noncompliance runs throughout your organization. Governance and compliance must be addressed. Cost-saving strategies and smarter purchasing decisions must be made. Business units can no longer ignore security risks. And safeguarding your entire network is paramount. Security is your business — showing you how to secure the future of that business is ours.